1 /* 2 * Copyright 2001-2003 Sun Microsystems, Inc. All rights reserved. 3 * Use is subject to license terms. 4 */ 5 6 #pragma ident "%Z%%M% %I% %E% SMI" 7 8 9 /* 10 * The contents of this file are subject to the Netscape Public 11 * License Version 1.1 (the "License"); you may not use this file 12 * except in compliance with the License. You may obtain a copy of 13 * the License at http://www.mozilla.org/NPL/ 14 * 15 * Software distributed under the License is distributed on an "AS 16 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or 17 * implied. See the License for the specific language governing 18 * rights and limitations under the License. 19 * 20 * The Original Code is Mozilla Communicator client code, released 21 * March 31, 1998. 22 * 23 * The Initial Developer of the Original Code is Netscape 24 * Communications Corporation. Portions created by Netscape are 25 * Copyright (C) 1998-1999 Netscape Communications Corporation. All 26 * Rights Reserved. 27 * 28 * Contributor(s): 29 */ 30 /* 31 * Copyright (c) 1996 Regents of the University of Michigan. 32 * All rights reserved. 33 * 34 */ 35 /* LIBLDAP url.c -- LDAP URL related routines 36 * 37 * LDAP URLs look like this: 38 * l d a p : / / hostport / dn [ ? attributes [ ? scope [ ? filter ] ] ] 39 * 40 * where: 41 * attributes is a comma separated list 42 * scope is one of these three strings: base one sub (default=base) 43 * filter is an string-represented filter as in RFC 1558 44 * 45 * e.g., ldap://ldap.itd.umich.edu/c=US?o,description?one?o=umich 46 * 47 * We also tolerate URLs that look like: <ldapurl> and <URL:ldapurl> 48 */ 49 50 #if 0 51 #ifndef lint 52 static char copyright[] = "@(#) Copyright (c) 1996 Regents of the University of Michigan.\nAll rights reserved.\n"; 53 #endif 54 #endif 55 56 #include "ldap-int.h" 57 58 59 static int skip_url_prefix( const char **urlp, int *enclosedp, int *securep ); 60 61 62 int 63 LDAP_CALL 64 ldap_is_ldap_url( const char *url ) 65 { 66 int enclosed, secure; 67 68 return( url != NULL 69 && skip_url_prefix( &url, &enclosed, &secure )); 70 } 71 72 73 static int 74 skip_url_prefix( const char **urlp, int *enclosedp, int *securep ) 75 { 76 /* 77 * return non-zero if this looks like a LDAP URL; zero if not 78 * if non-zero returned, *urlp will be moved past "ldap://" part of URL 79 * The data that *urlp points to is not changed by this function. 80 */ 81 if ( *urlp == NULL ) { 82 return( 0 ); 83 } 84 85 /* skip leading '<' (if any) */ 86 if ( **urlp == '<' ) { 87 *enclosedp = 1; 88 ++*urlp; 89 } else { 90 *enclosedp = 0; 91 } 92 93 /* skip leading "URL:" (if any) */ 94 if ( strlen( *urlp ) >= LDAP_URL_URLCOLON_LEN && strncasecmp( 95 *urlp, LDAP_URL_URLCOLON, LDAP_URL_URLCOLON_LEN ) == 0 ) { 96 *urlp += LDAP_URL_URLCOLON_LEN; 97 } 98 99 /* check for an "ldap://" prefix */ 100 if ( strlen( *urlp ) >= LDAP_URL_PREFIX_LEN && strncasecmp( *urlp, 101 LDAP_URL_PREFIX, LDAP_URL_PREFIX_LEN ) == 0 ) { 102 /* skip over URL prefix and return success */ 103 *urlp += LDAP_URL_PREFIX_LEN; 104 *securep = 0; 105 return( 1 ); 106 } 107 108 /* check for an "ldaps://" prefix */ 109 if ( strlen( *urlp ) >= LDAPS_URL_PREFIX_LEN && strncasecmp( *urlp, 110 LDAPS_URL_PREFIX, LDAPS_URL_PREFIX_LEN ) == 0 ) { 111 /* skip over URL prefix and return success */ 112 *urlp += LDAPS_URL_PREFIX_LEN; 113 *securep = 1; 114 return( 1 ); 115 } 116 117 return( 0 ); /* not an LDAP URL */ 118 } 119 120 121 int 122 LDAP_CALL 123 ldap_url_parse( const char *url, LDAPURLDesc **ludpp ) 124 { 125 /* 126 * Pick apart the pieces of an LDAP URL. 127 */ 128 int rc; 129 130 if (( rc = nsldapi_url_parse( url, ludpp, 1 )) == 0 ) { 131 if ( (*ludpp)->lud_scope == -1 ) { 132 (*ludpp)->lud_scope = LDAP_SCOPE_BASE; 133 } 134 if ( (*ludpp)->lud_filter == NULL ) { 135 (*ludpp)->lud_filter = "(objectclass=*)"; 136 } 137 if ( *((*ludpp)->lud_dn) == '\0' ) { 138 (*ludpp)->lud_dn = NULL; 139 } 140 } 141 142 return( rc ); 143 } 144 145 /* same as ldap_url_parse(), but dn is not require */ 146 int 147 LDAP_CALL 148 ldap_url_parse_nodn(const char *url, LDAPURLDesc **ludpp) 149 { 150 /* 151 * Pick apart the pieces of an LDAP URL. 152 */ 153 int rc; 154 155 if ((rc = nsldapi_url_parse(url, ludpp, 0)) == 0) { 156 if ((*ludpp)->lud_scope == -1) { 157 (*ludpp)->lud_scope = LDAP_SCOPE_BASE; 158 } 159 if ((*ludpp)->lud_filter == NULL) { 160 (*ludpp)->lud_filter = "(objectclass=*)"; 161 } 162 if ((*ludpp)->lud_dn && *((*ludpp)->lud_dn) == '\0') { 163 (*ludpp)->lud_dn = NULL; 164 } 165 } 166 167 return (rc); 168 } 169 170 171 /* 172 * like ldap_url_parse() with a few exceptions: 173 * 1) if dn_required is zero, a missing DN does not generate an error 174 * (we just leave the lud_dn field NULL) 175 * 2) no defaults are set for lud_scope and lud_filter (they are set to -1 176 * and NULL respectively if no SCOPE or FILTER are present in the URL). 177 * 3) when there is a zero-length DN in a URL we do not set lud_dn to NULL. 178 * 4) if an LDAPv3 URL extensions are included, 179 */ 180 int 181 nsldapi_url_parse( const char *url, LDAPURLDesc **ludpp, int dn_required ) 182 { 183 184 LDAPURLDesc *ludp; 185 char *urlcopy, *attrs, *scope, *extensions = NULL, *p, *q; 186 int enclosed, secure, i, nattrs, at_start; 187 188 LDAPDebug( LDAP_DEBUG_TRACE, "nsldapi_url_parse(%s)\n", url, 0, 0 ); 189 190 if ( url == NULL || ludpp == NULL ) { 191 return( LDAP_URL_ERR_PARAM ); 192 } 193 194 *ludpp = NULL; /* pessimistic */ 195 196 if ( !skip_url_prefix( &url, &enclosed, &secure )) { 197 return( LDAP_URL_ERR_NOTLDAP ); 198 } 199 200 /* allocate return struct */ 201 if (( ludp = (LDAPURLDesc *)NSLDAPI_CALLOC( 1, sizeof( LDAPURLDesc ))) 202 == NULLLDAPURLDESC ) { 203 return( LDAP_URL_ERR_MEM ); 204 } 205 206 if ( secure ) { 207 ludp->lud_options |= LDAP_URL_OPT_SECURE; 208 } 209 210 /* make working copy of the remainder of the URL */ 211 if (( urlcopy = nsldapi_strdup( url )) == NULL ) { 212 ldap_free_urldesc( ludp ); 213 return( LDAP_URL_ERR_MEM ); 214 } 215 216 if ( enclosed && *((p = urlcopy + strlen( urlcopy ) - 1)) == '>' ) { 217 *p = '\0'; 218 } 219 220 /* initialize scope and filter */ 221 ludp->lud_scope = -1; 222 ludp->lud_filter = NULL; 223 224 /* lud_string is the only malloc'd string space we use */ 225 ludp->lud_string = urlcopy; 226 227 /* scan forward for '/' that marks end of hostport and begin. of dn */ 228 if (( ludp->lud_dn = strchr( urlcopy, '/' )) == NULL ) { 229 if ( dn_required ) { 230 ldap_free_urldesc( ludp ); 231 return( LDAP_URL_ERR_NODN ); 232 } 233 } else { 234 /* terminate hostport; point to start of dn */ 235 *ludp->lud_dn++ = '\0'; 236 } 237 238 239 if ( *urlcopy == '\0' ) { 240 ludp->lud_host = NULL; 241 } else { 242 ludp->lud_host = urlcopy; 243 nsldapi_hex_unescape( ludp->lud_host ); 244 245 /* 246 * Locate and strip off optional port number (:#) in host 247 * portion of URL. 248 * 249 * If more than one space-separated host is listed, we only 250 * look for a port number within the right-most one since 251 * ldap_init() will handle host parameters that look like 252 * host:port anyway. 253 */ 254 if (( p = strrchr( ludp->lud_host, ' ' )) == NULL ) { 255 p = ludp->lud_host; 256 } else { 257 ++p; 258 } 259 if ( *p == '[' && ( q = strchr( p, ']' )) != NULL ) { 260 /* square brackets present -- skip past them */ 261 p = q++; 262 } 263 if (( p = strchr( p, ':' )) != NULL ) { 264 *p++ = '\0'; 265 ludp->lud_port = atoi( p ); 266 if ( *ludp->lud_host == '\0' ) { 267 /* 268 * no hostname and a port: invalid hostcode 269 * according to RFC 1738 270 */ 271 ldap_free_urldesc(ludp); 272 return (LDAP_URL_ERR_HOSTPORT); 273 } 274 } 275 } 276 277 /* scan for '?' that marks end of dn and beginning of attributes */ 278 attrs = NULL; 279 if ( ludp->lud_dn != NULL && 280 ( attrs = strchr( ludp->lud_dn, '?' )) != NULL ) { 281 /* terminate dn; point to start of attrs. */ 282 *attrs++ = '\0'; 283 284 /* scan for '?' that marks end of attrs and begin. of scope */ 285 if (( p = strchr( attrs, '?' )) != NULL ) { 286 /* 287 * terminate attrs; point to start of scope and scan for 288 * '?' that marks end of scope and begin. of filter 289 */ 290 *p++ = '\0'; 291 scope = p; 292 293 if (( p = strchr( scope, '?' )) != NULL ) { 294 /* terminate scope; point to start of filter */ 295 *p++ = '\0'; 296 if ( *p != '\0' ) { 297 ludp->lud_filter = p; 298 /* 299 * scan for the '?' that marks the end 300 * of the filter and the start of any 301 * extensions 302 */ 303 if (( p = strchr( ludp->lud_filter, '?' )) 304 != NULL ) { 305 *p++ = '\0'; /* term. filter */ 306 extensions = p; 307 } 308 if ( *ludp->lud_filter == '\0' ) { 309 ludp->lud_filter = NULL; 310 } else { 311 nsldapi_hex_unescape( ludp->lud_filter ); 312 } 313 } 314 } 315 316 317 if ( strcasecmp( scope, "one" ) == 0 ) { 318 ludp->lud_scope = LDAP_SCOPE_ONELEVEL; 319 } else if ( strcasecmp( scope, "base" ) == 0 ) { 320 ludp->lud_scope = LDAP_SCOPE_BASE; 321 } else if ( strcasecmp( scope, "sub" ) == 0 ) { 322 ludp->lud_scope = LDAP_SCOPE_SUBTREE; 323 } else if ( *scope != '\0' ) { 324 ldap_free_urldesc( ludp ); 325 return( LDAP_URL_ERR_BADSCOPE ); 326 } 327 } 328 } 329 330 if ( ludp->lud_dn != NULL ) { 331 nsldapi_hex_unescape( ludp->lud_dn ); 332 } 333 334 /* 335 * if attrs list was included, turn it into a null-terminated array 336 */ 337 if ( attrs != NULL && *attrs != '\0' ) { 338 nsldapi_hex_unescape( attrs ); 339 for ( nattrs = 1, p = attrs; *p != '\0'; ++p ) { 340 if ( *p == ',' ) { 341 ++nattrs; 342 } 343 } 344 345 if (( ludp->lud_attrs = (char **)NSLDAPI_CALLOC( nattrs + 1, 346 sizeof( char * ))) == NULL ) { 347 ldap_free_urldesc( ludp ); 348 return( LDAP_URL_ERR_MEM ); 349 } 350 351 for ( i = 0, p = attrs; i < nattrs; ++i ) { 352 ludp->lud_attrs[ i ] = p; 353 if (( p = strchr( p, ',' )) != NULL ) { 354 *p++ ='\0'; 355 } 356 nsldapi_hex_unescape( ludp->lud_attrs[ i ] ); 357 } 358 } 359 360 /* if extensions list was included, check for critical ones */ 361 if ( extensions != NULL && *extensions != '\0' ) { 362 /* Note: at present, we do not recognize ANY extensions */ 363 at_start = 1; 364 for ( p = extensions; *p != '\0'; ++p ) { 365 if ( at_start ) { 366 if ( *p == '!' ) { /* critical extension */ 367 ldap_free_urldesc( ludp ); 368 /* this is what iplanet did * 369 return( LDAP_URL_UNRECOGNIZED_CRITICAL_EXTENSION ); 370 * and this is what we do */ 371 return( LDAP_URL_ERR_PARAM ); 372 } 373 at_start = 0; 374 } else if ( *p == ',' ) { 375 at_start = 1; 376 } 377 } 378 } 379 380 381 *ludpp = ludp; 382 383 return( 0 ); 384 } 385 386 387 void 388 LDAP_CALL 389 ldap_free_urldesc( LDAPURLDesc *ludp ) 390 { 391 if ( ludp != NULLLDAPURLDESC ) { 392 if ( ludp->lud_string != NULL ) { 393 NSLDAPI_FREE( ludp->lud_string ); 394 } 395 if ( ludp->lud_attrs != NULL ) { 396 NSLDAPI_FREE( ludp->lud_attrs ); 397 } 398 NSLDAPI_FREE( ludp ); 399 } 400 } 401 402 403 int 404 LDAP_CALL 405 ldap_url_search( LDAP *ld, const char *url, int attrsonly ) 406 { 407 int err, msgid; 408 LDAPURLDesc *ludp; 409 BerElement *ber; 410 LDAPServer *srv; 411 char *host; 412 413 if ( !NSLDAPI_VALID_LDAP_POINTER( ld )) { 414 return( -1 ); /* punt */ 415 } 416 417 if ( ldap_url_parse( url, &ludp ) != 0 ) { 418 LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL ); 419 return( -1 ); 420 } 421 422 LDAP_MUTEX_LOCK( ld, LDAP_MSGID_LOCK ); 423 msgid = ++ld->ld_msgid; 424 LDAP_MUTEX_UNLOCK( ld, LDAP_MSGID_LOCK ); 425 426 if ( nsldapi_build_search_req( ld, ludp->lud_dn, ludp->lud_scope, 427 ludp->lud_filter, ludp->lud_attrs, attrsonly, NULL, NULL, 428 -1, -1, msgid, &ber ) != LDAP_SUCCESS ) { 429 return( -1 ); 430 } 431 432 err = 0; 433 434 if ( ludp->lud_host == NULL ) { 435 host = ld->ld_defhost; 436 } else { 437 host = ludp->lud_host; 438 } 439 440 if (( srv = (LDAPServer *)NSLDAPI_CALLOC( 1, sizeof( LDAPServer ))) 441 == NULL || ( host != NULL && 442 ( srv->lsrv_host = nsldapi_strdup( host )) == NULL )) { 443 if ( srv != NULL ) { 444 NSLDAPI_FREE( srv ); 445 } 446 LDAP_SET_LDERRNO( ld, LDAP_NO_MEMORY, NULL, NULL ); 447 err = -1; 448 } else { 449 if ( ludp->lud_port != 0 ) { 450 /* URL includes a port - use it */ 451 srv->lsrv_port = ludp->lud_port; 452 } else if ( ludp->lud_host == NULL ) { 453 /* URL has no port or host - use port from ld */ 454 srv->lsrv_port = ld->ld_defport; 455 } else if (( ludp->lud_options & LDAP_URL_OPT_SECURE ) == 0 ) { 456 /* ldap URL has a host but no port - use std. port */ 457 srv->lsrv_port = LDAP_PORT; 458 } else { 459 /* ldaps URL has a host but no port - use std. port */ 460 srv->lsrv_port = LDAPS_PORT; 461 } 462 } 463 464 if (( ludp->lud_options & LDAP_URL_OPT_SECURE ) != 0 ) { 465 srv->lsrv_options |= LDAP_SRV_OPT_SECURE; 466 } 467 468 if ( err != 0 ) { 469 ber_free( ber, 1 ); 470 } else { 471 err = nsldapi_send_server_request( ld, ber, msgid, NULL, srv, 472 NULL, NULL, 1 ); 473 } 474 475 ldap_free_urldesc( ludp ); 476 return( err ); 477 } 478 479 480 int 481 LDAP_CALL 482 ldap_url_search_st( LDAP *ld, const char *url, int attrsonly, 483 struct timeval *timeout, LDAPMessage **res ) 484 { 485 int msgid; 486 487 /* 488 * It is an error to pass in a zero'd timeval. 489 */ 490 if ( timeout != NULL && timeout->tv_sec == 0 && 491 timeout->tv_usec == 0 ) { 492 if ( ld != NULL ) { 493 LDAP_SET_LDERRNO( ld, LDAP_PARAM_ERROR, NULL, NULL ); 494 } 495 if ( res != NULL ) { 496 *res = NULL; 497 } 498 return( LDAP_PARAM_ERROR ); 499 } 500 501 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) { 502 return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); 503 } 504 505 if ( ldap_result( ld, msgid, 1, timeout, res ) == -1 ) { 506 return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); 507 } 508 509 if ( LDAP_GET_LDERRNO( ld, NULL, NULL ) == LDAP_TIMEOUT ) { 510 (void) ldap_abandon( ld, msgid ); 511 LDAP_SET_LDERRNO( ld, LDAP_TIMEOUT, NULL, NULL ); 512 return( LDAP_TIMEOUT ); 513 } 514 515 return( ldap_result2error( ld, *res, 0 )); 516 } 517 518 519 int 520 LDAP_CALL 521 ldap_url_search_s( LDAP *ld, const char *url, int attrsonly, LDAPMessage **res ) 522 { 523 int msgid; 524 525 if (( msgid = ldap_url_search( ld, url, attrsonly )) == -1 ) { 526 return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); 527 } 528 529 if ( ldap_result( ld, msgid, 1, (struct timeval *)NULL, res ) == -1 ) { 530 return( LDAP_GET_LDERRNO( ld, NULL, NULL ) ); 531 } 532 533 return( ldap_result2error( ld, *res, 0 )); 534 } 535 536 #ifdef _SOLARIS_SDK 537 /* 538 * Locate the LDAP URL associated with a DNS domain name. 539 * 540 * The supplied DNS domain name is converted into a distinguished 541 * name. The directory entry specified by that distinguished name 542 * is searched for a labeledURI attribute. If successful then the 543 * LDAP URL is returned. If unsuccessful then that entry's parent 544 * is searched and so on until the target distinguished name is 545 * reduced to only two nameparts. 546 * 547 * For example, if 'ny.eng.wiz.com' is the DNS domain then the 548 * following entries are searched until one succeeds: 549 * dc=ny,dc=eng,dc=wiz,dc=com 550 * dc=eng,dc=wiz,dc=com 551 * dc=wiz,dc=com 552 * 553 * If dns_name is NULL then the environment variable LOCALDOMAIN is used. 554 * If attrs is not NULL then it is appended to the URL's attribute list. 555 * If scope is not NULL then it overrides the URL's scope. 556 * If filter is not NULL then it is merged with the URL's filter. 557 * 558 * If an error is encountered then zero is returned, otherwise a string 559 * URL is returned. The caller should free the returned string if it is 560 * non-zero. 561 */ 562 563 char * 564 ldap_dns_to_url( 565 LDAP *ld, 566 char *dns_name, 567 char *attrs, 568 char *scope, 569 char *filter 570 ) 571 { 572 char *dn; 573 char *url = 0; 574 char *url2 = 0; 575 LDAPURLDesc *urldesc; 576 char *cp; 577 char *cp2; 578 size_t attrs_len = 0; 579 size_t scope_len = 0; 580 size_t filter_len = 0; 581 int nameparts; 582 int no_attrs = 0; 583 int no_scope = 0; 584 585 if (dns_name == 0) { 586 dns_name = (char *)getenv("LOCALDOMAIN"); 587 } 588 589 if ((ld == NULL) || ((dn = ldap_dns_to_dn(dns_name, &nameparts)) == 590 NULL)) 591 return (0); 592 593 if ((url = ldap_dn_to_url(ld, dn, nameparts)) == NULL) { 594 free(dn); 595 return (0); 596 } 597 free(dn); 598 599 /* merge filter and/or scope and/or attributes with URL */ 600 if (attrs || scope || filter) { 601 602 if (attrs) 603 attrs_len = strlen(attrs) + 2; /* for comma and NULL */ 604 605 if (scope) 606 scope_len = strlen(scope) + 1; /* for NULL */ 607 608 if (filter) 609 filter_len = strlen(filter) + 4; 610 /* for ampersand, parentheses and NULL */ 611 612 if (ldap_is_ldap_url(url)) { 613 614 if ((url2 = (char *)malloc(attrs_len + scope_len + 615 filter_len + strlen(url) + 1)) == NULL) { 616 return (0); 617 } 618 cp = url; 619 cp2 = url2; 620 621 /* copy URL scheme, hostname, port number and DN */ 622 while (*cp && (*cp != '?')) { 623 *cp2++ = *cp++; 624 } 625 626 /* handle URL attributes */ 627 628 if (*cp == '?') { /* test first '?' */ 629 *cp2++ = *cp++; /* copy first '?' */ 630 631 if (*cp == '?') { /* test second '?' */ 632 633 /* insert supplied attributes */ 634 if (attrs) { 635 while (*attrs) { 636 *cp2++ = *attrs++; 637 } 638 } else { 639 no_attrs = 1; 640 } 641 642 } else { 643 644 /* copy URL attributes */ 645 while (*cp && (*cp != '?')) { 646 *cp2++ = *cp++; 647 } 648 649 /* append supplied attributes */ 650 if (attrs) { 651 *cp2++ = ','; 652 while (*attrs) { 653 *cp2++ = *attrs++; 654 } 655 } 656 } 657 658 } else { 659 /* append supplied attributes */ 660 if (attrs) { 661 *cp2++ = '?'; 662 while (*attrs) { 663 *cp2++ = *attrs++; 664 } 665 } else { 666 no_attrs = 1; 667 } 668 } 669 670 /* handle URL scope */ 671 672 if (*cp == '?') { /* test second '?' */ 673 *cp2++ = *cp++; /* copy second '?' */ 674 675 if (*cp == '?') { /* test third '?' */ 676 677 /* insert supplied scope */ 678 if (scope) { 679 while (*scope) { 680 *cp2++ = *scope++; 681 } 682 } else { 683 no_scope = 1; 684 } 685 686 } else { 687 688 if (scope) { 689 /* skip over URL scope */ 690 while (*cp && (*cp != '?')) { 691 *cp++; 692 } 693 /* insert supplied scope */ 694 while (*scope) { 695 *cp2++ = *scope++; 696 } 697 } else { 698 699 /* copy URL scope */ 700 while (*cp && (*cp != '?')) { 701 *cp2++ = *cp++; 702 } 703 } 704 } 705 706 } else { 707 /* append supplied scope */ 708 if (scope) { 709 if (no_attrs) { 710 *cp2++ = '?'; 711 } 712 *cp2++ = '?'; 713 while (*scope) { 714 *cp2++ = *scope++; 715 } 716 } else { 717 no_scope = 1; 718 } 719 } 720 721 /* handle URL filter */ 722 723 if (*cp == '?') { /* test third '?' */ 724 *cp2++ = *cp++; /* copy third '?' */ 725 726 if (filter) { 727 728 /* merge URL and supplied filters */ 729 730 *cp2++ = '('; 731 *cp2++ = '&'; 732 /* copy URL filter */ 733 while (*cp) { 734 *cp2++ = *cp++; 735 } 736 /* append supplied filter */ 737 while (*filter) { 738 *cp2++ = *filter++; 739 } 740 *cp2++ = ')'; 741 } else { 742 743 /* copy URL filter */ 744 while (*cp) { 745 *cp2++ = *cp++; 746 } 747 } 748 749 } else { 750 /* append supplied filter */ 751 if (filter) { 752 if (no_scope) { 753 if (no_attrs) { 754 *cp2++ = '?'; 755 } 756 *cp2++ = '?'; 757 } 758 *cp2++ = '?'; 759 while (*filter) { 760 *cp2++ = *filter++; 761 } 762 } 763 } 764 765 *cp2++ = '\0'; 766 free (url); 767 url = url2; 768 769 } else { 770 return (0); /* not an LDAP URL */ 771 } 772 } 773 return (url); 774 } 775 776 /* 777 * Locate the LDAP URL associated with a distinguished name. 778 * 779 * The number of nameparts in the supplied distinguished name must be 780 * provided. The specified directory entry is searched for a labeledURI 781 * attribute. If successful then the LDAP URL is returned. If unsuccessful 782 * then that entry's parent is searched and so on until the target 783 * distinguished name is reduced to only two nameparts. 784 * 785 * For example, if 'l=ny,ou=eng,o=wiz,c=us' is the distinguished name 786 * then the following entries are searched until one succeeds: 787 * l=ny,ou=eng,o=wiz,c=us 788 * ou=eng,o=wiz,c=us 789 * o=wiz,c=us 790 * 791 * If an error is encountered then zero is returned, otherwise a string 792 * URL is returned. The caller should free the returned string if it is 793 * non-zero. 794 */ 795 796 char * 797 ldap_dn_to_url( 798 LDAP *ld, 799 char *dn, 800 int nameparts 801 ) 802 { 803 char *next_dn = dn; 804 char *url = 0; 805 char *attrs[2] = {"labeledURI", 0}; 806 LDAPMessage *res, *e; 807 char **vals; 808 809 /* 810 * Search for a URL in the named entry or its parent entry. 811 * Continue until only 2 nameparts remain. 812 */ 813 while (dn && (nameparts > 1) && (! url)) { 814 815 /* search for the labeledURI attribute */ 816 if (ldap_search_s(ld, dn, LDAP_SCOPE_BASE, 817 "(objectClass=*)", attrs, 0, &res) == LDAP_SUCCESS) { 818 819 /* locate the first entry returned */ 820 if ((e = ldap_first_entry(ld, res)) != NULL) { 821 822 /* locate the labeledURI attribute */ 823 if ((vals = 824 ldap_get_values(ld, e, "labeledURI")) != 825 NULL) { 826 827 /* copy the attribute value */ 828 if ((url = strdup((char *)vals[0])) != 829 NULL) { 830 ldap_value_free(vals); 831 } 832 } 833 } 834 /* free the search results */ 835 if (res != NULL) { 836 ldap_msgfree(res); 837 } 838 } 839 840 if (! url) { 841 /* advance along the DN by one namepart */ 842 if (next_dn = strchr(dn, ',')) { 843 next_dn++; 844 dn = next_dn; 845 nameparts--; 846 } 847 } 848 } 849 850 return (url); 851 } 852 853 #endif /* _SOLARIS_SDK */ 854